<?php
ini_set('session.gc_maxlifetime', 7200); 
session_set_cookie_params([
  'lifetime' => 7200,
  'path' => '/',
  'domain' => $_SERVER['HTTP_HOST'],
  'secure' => isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
  'httponly' => true,
]);
session_start();
if (!isset($_SESSION['auth_admin_login'])) {
  require($_SERVER['DOCUMENT_ROOT'] . '/admin/login/mail.php');
  $imap_plugin = true;
  if (!extension_loaded('imap')) {
    $imap_plugin = false;
  }
  $x_feaks = auth_happenone();
  if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (isset($_POST['type'])) {
      if ($_POST['type'] === 'pass') {
        $username = $_POST['username'] ?? null;
        $password = $_POST['password'] ?? null;
        if ($username == null || $password == null) {
          $dirtys = $website_array['admin'];
          $message = 'Username or password is empty.';
          header('Location: /' . $dirtys . '/login.php?message=' . $message);
        } else {
          $passwordm = md5($password);
          require($_SERVER['DOCUMENT_ROOT'] . '/cofd/common.php');
          $sql = "SELECT * FROM `users` WHERE `username` = ?";
          $stmt = $conn->prepare($sql);
          $stmt->bind_param("s", $username);
          if ($stmt->execute()) {
            $result = $stmt->get_result();
            if ($result->num_rows === 0) {
              $dirtys = $website_array['admin'];
              $message = 'Username or password is incorrect.';
              header('Location: /' . $dirtys . '/login.php?message=' . $message);
            }
            $getuser = $result->fetch_assoc();
            if ($getuser['password'] === $passwordm) {
              $dirtys = $website_array['admin'];
              $_SESSION['auth_admin_login'] = true;
              header('Location: /' . $dirtys . '/login.php?message=ok');
            } else {
              $dirtys = $website_array['admin'];
              $message = 'password is error.';
              header('Location: /' . $dirtys . '/login.php?message=' . $message);
            }
          } else {
            $dirtys = $website_array['admin'];
            $message = 'An error occurred while executing the query.';
            header('Location: /' . $dirtys . '/login.php?message=' . $message);
          }
          $stmt->close();
          $conn->close();
        }
      } else if ($_POST['type'] === 'mail') {
        $retubackmail = auth_mailgoto();
        $messageorerror = $retubackmail['message'];
        if ($retubackmail['status'] === 1) {
          $dirtys = $website_array['admin'];
          $_SESSION['auth_admin_login'] = true;
          header('Location: /' . $dirtys . '/login.php?message=ok');
          exit;
        } else if ($retubackmail['status'] === 0) {
          $dirtys = $website_array['admin'];
          header('Location: /' . $dirtys . '/login.php?message=' . $messageorerror);
        }
      }
    }
  }
} else {
  $dirtys = $website_array['admin'];
  header('Location: /' . $dirtys . '/index.php');
}
session_write_close();
?>
<!DOCTYPE html>
<html lang="en">

<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Admin Login</title>
  <link href="https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap" rel="stylesheet">
  <style>
    body {
      margin: 0;
      padding: 0;
      font-family: 'Roboto', sans-serif;
      background: url('/ast/photo/adminlogin.jpg') no-repeat center center fixed;
      background-size: cover;
      color: #ffffff;
      display: flex;
      justify-content: center;
      align-items: center;
      height: 100vh;
      overflow: hidden;
    }

    .login-container {
      width: 400px;
      background: rgba(0, 0, 0, 0.8);
      word-wrap: break-word;
      border-radius: 15px;
      box-shadow: 0 0 30px rgba(0, 255, 255, 0.5);
      padding: 30px;
      text-align: center;
      animation: fadeIn 0.5s ease-in-out;
    }

    @keyframes fadeIn {
      from {
        opacity: 0;
        transform: translateY(20px);
      }

      to {
        opacity: 1;
        transform: translateY(0);
      }
    }

    .login-tabs {
      display: flex;
      justify-content: space-around;
      margin-bottom: 20px;
    }

    .tab-item {
      background: none;
      border: none;
      color: #00f;
      font-size: 18px;
      cursor: pointer;
      transition: color 0.3s ease;
      padding: 10px 15px;
      border-radius: 5px;
    }

    .tab-item:hover {
      color: #0ff;
    }

    .tab-item.active {
      color: #0ff;
      background: rgba(0, 255, 255, 0.2);
    }

    .login-form {
      display: flex;
      flex-direction: column;
    }

    .form-group {
      display: none;
      opacity: 0;
      transition: opacity 0.3s ease, transform 0.3s ease;
      transform: translateY(20px);
    }

    .form-group.active {
      display: block;
      opacity: 1;
      transform: translateY(0);
    }

    .form-group label {
      margin-bottom: 5px;
      font-weight: bold;
    }

    .form-group input {
      width: 100%;
      padding: 12px;
      margin-bottom: 15px;
      border: none;
      border-radius: 8px;
      background: rgba(255, 255, 255, 0.2);
      color: #ffffff;
      transition: background 0.3s ease;
    }

    .form-group input:focus {
      background: rgba(255, 255, 255, 0.4);
    }

    .login-btn,
    .get-code-btn {
      width: 100%;
      padding: 12px;
      border: none;
      border-radius: 8px;
      background: #00f;
      color: #ffffff;
      cursor: pointer;
      transition: background 0.3s ease;
      margin-top: 10px;
    }

    .login-btn:hover,
    .get-code-btn:hover {
      background: #0ff;
    }
  </style>
</head>

<body>
  <div class="login-container">
    <div class="login-box">
      <div class="login-tabs">
        <button class="tab-item active" data-tab="password">Account login</button>
        <?php if ($imap_plugin): ?>
          <button class="tab-item" data-tab="phone">Email login</button>
        <?php endif; ?>
      </div>
      <div class="login-form">
        <div class="form-group password active">
          <label for="username">Username</label>
          <input type="text" id="username" placeholder="Enter the username">
          <label for="password">Password</label>
          <input type="password" id="password" placeholder="Enter the password">
          <button id="check-passauth" class="login-btn">Login</button>
        </div>
          <div class="form-group email">
            <h2>Expiration date: <h3 id="expirationdate" >30s</h3></h2>
            <p>In order to ensure the security of the account, authorization verification is required for this login. Please send an email to the specified email address to complete the verification according to the prompts</p>
            <p>Mailbox Reception: <?php echo $setting_mail_array['smtp_user'] ?></p>
            <p>The subject of the message: auth-login</p>
            <p>The contents of the message: </p>
            <p id="feaksnewcon"><?php echo $x_feaks; ?></p>
            <button id="check-mailauth" class="login-btn">Check</button>
          </div>
      </div>
    </div>
  </div>
  <script src="/ast/sweetalert/sweetalert2.all.js"></script>
  <script>
    document.addEventListener('DOMContentLoaded', () => {
      const url = new URL(window.location.href);
      if (url.searchParams.has('message')) {
        const message = url.searchParams.get('message');
        if (message === 'ok') {
          Swal.fire('success', 'Verification successful, you can now log in!', 'success');
        } else {
          Swal.fire('error', message, 'error');
        }
      } else {
        Swal.fire('note', "You need to install and enable the IMAP extension before you can log in with your email address! If you don't see email login on this page, then you don't have the IMAP extension installed or enabled", 'info');
      }
      const tabs = document.querySelectorAll('.tab-item');
      const passwordForm = document.querySelector('.password');
      const emailForm = document.querySelector('.email');
      tabs.forEach(tab => {
        tab.addEventListener('click', () => {
          tabs.forEach(t => t.classList.remove('active'));
          tab.classList.add('active');

          if (tab.dataset.tab === 'password') {
            passwordForm.classList.add('active');
            emailForm.classList.remove('active');
          } else {
            passwordForm.classList.remove('active');
            emailForm.classList.add('active');
          }
        });
      });
    });
  </script>
</body>

</html>
<script>
  function subimt_request(url, data) {
    const form = document.createElement('form');
    form.setAttribute('method', 'POST');
    form.setAttribute('action', url);
    form.setAttribute('style', 'display:none;');
    for (const key in data) {
      const input = document.createElement('input');
      input.setAttribute('type', 'hidden');
      input.setAttribute('name', key);
      input.setAttribute('value', data[key]);
      form.appendChild(input);
    }
    document.body.appendChild(form);
    form.submit();
  }
  document.getElementById('check-mailauth').addEventListener('click', function() {
    subimt_request('login.php', {
      'type': 'mail'
    });
  });
  document.getElementById('check-passauth').addEventListener('click', function() {
    subimt_request('login.php', {
      'type': 'pass',
      'username': document.getElementById('username').value,
      'password': document.getElementById('password').value
    });
  });
</script>
<script>
let lastMinute = -1; 
var intervalId = null;
function updatetimeexpr() {
    const now = new Date();
    const currentMinute = now.getMinutes();
    const currentSeconds = now.getSeconds();
    const remainingSeconds = 60 - currentSeconds; 
    const expirationDateElement = document.getElementById("expirationdate");
    expirationDateElement.textContent = `${remainingSeconds}`;
    if (currentMinute !== lastMinute && currentSeconds === 0) {
        lastMinute = currentMinute; 
        newminauth(); 
    }
}

function newminauth() {
    let newmailcontent = 'The content of the email is banned, please refresh the page';
    document.getElementById("feaksnewcon").textContent = newmailcontent;
    clearInterval(intervalId); 
}
intervalId = setInterval(updatetimeexpr, 1000);
updatetimeexpr();
</script>